• Home
  • Articles
  • PDF (New 2022) Actual Microsoft MS-100 Exam Questions [Q108-Q127]

PDF (New 2022) Actual Microsoft MS-100 Exam Questions [Q108-Q127]

Share

PDF (New 2022) Actual Microsoft MS-100 Exam Questions

Dumps Moneyack Guarantee - MS-100 Dumps UpTo 90% Off


Microsoft 365 Identity and Services MS-100 Exam

Microsoft 365 Identity and Services MS-100 Exam which is related to Microsoft 365 Certified Enterprise Administrator Expert Certification. This exam validates the ability to evaluate, plan, migrate, develop, and market Microsoft 365 services. Candidate can perform Microsoft 365 tenant management tasks, for an enterprise, including its identities, security, compliance and supporting technologies. This exam also verifies the working knowledge of Candidate in Microsoft 365 workloads and must have experience in administration for at least one Microsoft 365 workload (Exchange, SharePoint, Skype for Business, Windows as a Service). Candidates must have a strong understanding of networking, server administration and IT fundamentals such as DNS, Active Directory and PowerShell.

 

NEW QUESTION 108
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has 3,000 users. All the users are assigned Microsoft 365 E3 licenses.
Some users are assigned licenses for all Microsoft 365 services. Other users are assigned licenses for only certain Microsoft 365 services.
You need to determine whether a user named User1 is licensed for Exchange Online only.
Solution: You run the Get-MsolAccountSku cmdlet.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
The Get-MsolAccountSku cmdlet returns all the SKUs that the company owns. It does not tell you which licenses are assigned to users.
Reference:
https://docs.microsoft.com/en-us/powershell/module/msonline/get-msolaccountsku?view=azureadps-1.0

 

NEW QUESTION 109
You have a Microsoft 365 subscription.
You view the service advisories shown in the following exhibit.

You need to ensure that users who administer Microsoft SharePoint Online can view the advisories to investigate health issues.
Which role should you assign to the users?

  • A. SharePoint administrator
  • B. Message Center reader
  • C. Service administrator
  • D. Reports reader

Answer: C

Explanation:
People who are assigned the global admin or service administrator role can view service health. To allow Exchange, SharePoint, and Skype for Business admins to view service health, they must also be assigned the Service admin role. For more information about roles that can view service health.
Reference:
https://docs.microsoft.com/en-us/office365/enterprise/view-service-health

 

NEW QUESTION 110
You need to meet the security requirements for User3. The solution must meet the technical requirements.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

References:
https://docs.microsoft.com/en-us/office365/SecurityCompliance/eop/feature-permissions-in-eop
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answer and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. When you are ready to answer a question, click the Overview Contoso, Ltd. is a consulting company that has a main office in Montreal and two branch offices in Seattle and New York.
The offices have the users and devices shown in the following table.

Contoso recently purchased a Microsoft 365 E5 subscription.
Existing Environment
The network contains an Active directory forest named contoso.com and a Microsoft Azure Active Directory (Azure AD) tenant named contoso.onmicrosoft.com.
You recently configured the forest to sync to the Azure AD tenant.
You add and then verify adatum.com as an additional domain name.
All servers run Windows Server 2016.
All desktop computers and laptops run Windows 10 Enterprise and are joined to contoso.com.
All the mobile devices in the Montreal and Seattle offices run Android. All the mobile devices in the New York office run iOS.
Contoso has the users shown in the following table.

Contoso has the groups shown in the following table.

Microsoft Office 365 licenses are assigned only to Group2.
The network also contains external users from a vendor company who have Microsoft accounts that use a suffix of @outlook.com.
Requirements
Planned Changes
Contoso plans to provide email addresses for all the users in the following domains:
* East.adatum.com
* Contoso.adatum.com
* Humongousinsurance.com
Technical Requirements
Contoso identifies the following technical requirements:
* All new users must be assigned Office 365 licenses automatically.
* The principle of least privilege must be used whenever possible.
Security Requirements
Contoso identifies the following security requirements:
* Vendors must be able to authenticate by using their Microsoft account when accessing Contoso resources.
* User2 must be able to view reports and schedule the email delivery of security and compliance reports.
* The members of Group1 must be required to answer a security question before changing their password.
* User3 must be able to manage Office 365 connectors.
* User4 must be able to reset User3 password.

 

NEW QUESTION 111
You have a Microsoft Azure Active Directory (Azure AD) tenant named contoso.com that includes a user named User1.
You enable multi-factor authentication for contoso.com and configure the following two fraud alert settings:
* Set Allow users to submit fraud alerts: On
* Automatically block users who report fraud: On
You need to instruct the users in your organization to use the fraud reporting features correctly.
What should you tell the users to do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Code to report fraud during initial greeting: When users receive a phone call to perform two-step verification, they normally press # to confirm their sign-in. To report fraud, the user enters a code before pressing #. This code is 0 by default, but you can customize it.
Block user when fraud is reported: If a user reports fraud, their account is blocked for 90 days or until an administrator unblocks their account. An administrator can review sign-ins by using the sign-in report, and take appropriate action to prevent future fraud. An administrator can then unblock the user's account.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#fraud-alert

 

NEW QUESTION 112
Note: This question is part of a series of questions that present the same scenario. Each question
in the series contains a unique solution that might meet the stated goals. Some question sets
might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Security Reader role. From the
Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 113
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
* Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
* Users passwords must be 10 characters or more.
Solution: Implement password hash synchronization and configure password protection in the Azure AD tenant.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 114
Your network contains an Active Directory domain named adatum.com that is synced to Microsoft Azure
Active Directory (Azure AD).
The domain contains 100 user accounts.
The city attribute for all the users is set to the city where the user resides.
You need to modify the value of the city attribute to the three-letter airport code of each city.
What should you do?

  • A. From Azure Cloud Shell, run the Get-AzureADUserand Set-AzureADUsercmdlets.
  • B. From the Microsoft 365 admin center, select the users, and then use the Bulk actions option.
  • C. From Active Directory Administrative Center, select the Active Directory users, and then modify the
    Properties settings.
  • D. From Windows PowerShell on a domain controller, run the Get-AzureADUserand
    Set-AzureADUser cmdlets.

Answer: C

 

NEW QUESTION 115
Which migration solution should you recommend for Project1?

  • A. From the Exchange admin center, start a migration and select Staged migration.
  • B. From the Microsoft 365 admin center, start a data migration and click Exchange as the data service.
  • C. From the Exchange admin center, start a migration and select Cutover migration.
  • D. From the Microsoft 365 admin center, start a data migration and click Outlook as the data service.

Answer: B

Explanation:
Explanation
Project1: During Project1, the mailboxes of 100 users in the sales department will be moved to Microsoft 365.
Fabrikam does NOT plan to implement identity federation.
All users must be able to exchange email messages successfully during Project1 by using their current email address.
During Project1, some users will have mailboxes in Microsoft 365 and some users will have mailboxes in Exchange on-premises. To enable users to be able to exchange email messages successfully during Project1 by using their current email address, we'll need to configure hybrid Exchange.
A new way to migrate mailboxes in a hybrid Exchange configuration is to use the Microsoft 365 data migration service. The data migration service can migrate Exchange, SharePoint and OneDrive. Therefore, we need to start a data migration and click Exchange as the service to be migrated.
Reference:
https://docs.microsoft.com/en-us/fasttrack/O365-data-migration
https://docs.microsoft.com/en-us/exchange/hybrid-deployment/move-mailboxes

 

NEW QUESTION 116
You recently migrated your on-premises email solution to Microsoft Exchange Online and are evaluating which licenses to purchase.
You want the members of two groups named IT and Managers to be able to use the features shown in the following table.

The IT group contains 50 users. The Managers group contains 200 users.
You need to recommend which licenses must be purchased for the planned solution. The solution must minimize licensing costs.
Which licenses should you recommend?

  • A. 250 Microsoft 365 E3 only
  • B. 250 Microsoft 365 E5 only
  • C. 50 Microsoft 365 E3 and 200 Microsoft 365 E5
  • D. 200 Microsoft 365 E3 and 50 Microsoft 365 E5

Answer: D

Explanation:
Section: [none]
Explanation:
Microsoft Azure Active Directory Privileged Identity Management requires an Azure AD Premium P2 license.
This license comes as part of the Microsoft 365 E5 license. Therefore, we need 50 Microsoft 365 E5 licenses for the IT group.
Conditional Access requires the Azure AD Premium P1 license. This comes as part of the Microsoft E3 license. Therefore, we need 200 Microsoft 365 E3 licenses for the Managers group.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/subscription- requirements

 

NEW QUESTION 117
Your company has a Microsoft Office 365 subscription that contains the groups shown in the following table.

You have the licenses shown in the following table.

Another administrator removes User1 from Group1 and adds Group2 to Group1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

The users are assigned SharePoint licenses directly. Their group memberships have no effect on licenses directly assigned to the user accounts.

 

NEW QUESTION 118
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain.
You deploy a Microsoft Azure Active Directory (Azure AD) tenant.
Another administrator configures the domain to synchronize to Azure AD.
You discover that 10 user accounts in an organizational unit (OU) are NOT synchronized to Azure AD. All the other user accounts synchronized successfully.
You review Azure AD Connect Health and discover that all the user account synchronizations completed successfully.
You need to ensure that the 10 user accounts are synchronized to Azure AD.
Solution: You run idfix.exe and report the 10 user accounts.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
The question states that "all the user account synchronizations completed successfully". If there were problems with the 10 accounts that needed fixing with idfix.exe, there would have been synchronization errors in Azure AD Connect Health.

 

NEW QUESTION 119
Your network contains an on-premises Active Directory domain.
You have a Microsoft 365 subscription.
You implement a directory synchronization solution that uses pass-through authentication.
You configure Microsoft Azure Active Directory (Azure AD) smart lockout as shown in the following exhibit.

You discover that Active Directory users can use the passwords in the custom banned passwords list.
You need to ensure that banned passwords are effective for all users.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. From all the domain controllers, install the Azure AD Password Protection DC Agent.
  • B. From a domain controller, install the Microsoft AAD Application Proxy connector.
  • C. From Active Directory, modify the Default Domain Policy.
  • D. From a domain controller, install the Azure AD Password Protection Proxy.
  • E. From Custom banned passwords, modify the Enforce custom list setting.
  • F. From Password protection for Windows Server Active Directory, modify the Mode setting.

Answer: A,D,F

Explanation:
Section: [none]
Explanation:
Azure AD password protection is a feature that enhances password policies in an organization. On-premises deployment of password protection uses both the global and custom banned-password lists that are stored in Azure AD. It does the same checks on-premises as Azure AD does for cloud-based changes. These checks are performed during password changes and password reset scenarios.
You need to install the Azure AD Password Protection Proxy on a domain controller and install the Azure AD Password Protection DC Agent on all domain controllers. When the proxy and agent are installed and configured, Azure AD password protection will work.
In the exhibit, the password protection is configured in Audit mode. This is used for testing. To enforce the configured policy, you need to set the password protection setting to Enforced.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises- deploy
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

 

NEW QUESTION 120
You company has a Microsoft Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.
The tenant includes a security group named Admin1. Admin1 will be used to manage administrative accounts.
You need to identify which users can perform the following administrative tasks:
* Create guest user accounts.
* Add User3 to Admin1.
Which users should you identify for each task? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

 

NEW QUESTION 121
You have a Microsoft 365 subscription.
You need to implement Windows Defender Advanced Threat Protection (ATP) for all the supported devices enrolled devices enrolled on mobile device management (MDM).
What should you include in the device configuration profile? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation:
References:
https://docs.microsoft.com/en-us/intune/advanced-threat-protection

 

NEW QUESTION 122
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft 365 subscription.
You discover that some external users accessed content on a Microsoft SharePoint site. You modify the SharePoint sharing policy to prevent sharing outside your organization.
You need to be notified if the SharePoint policy is modified in the future.
Solution: From the SharePoint site, you create an alert.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

Explanation:
Explanation
You need to create a threat management policy in the Security & Compliance admin center.

 

NEW QUESTION 123
Your company has an on-premises Microsoft Exchange Server 2016 organization. The organization is in the company's main office in Melbourne. The main office has a low-bandwidth connection to the Internet.
The organization contains 250 mailboxes.
You purchase a Microsoft 365 subscription and plan to migrate to Exchange Online next month.
In 12 months, you plan to increase the bandwidth available for the Internet connection.
You need to recommend the best migration strategy for the organization. The solution must minimize administrative effort.
What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal.
Select the BEST answer.

  • A. hybrid migration
  • B. cutover migration
  • C. staged migration
  • D. network upload

Answer: A

Explanation:
Section: [none]
Explanation:
With a hybrid migration, you can migrate the mailboxes in small batches over a period of time which will help to avoid saturating the bandwidth. With the migration wizard, you can configure a migration batch to start outside office hours which would minimize bandwidth usage during office hours.
With a hybrid migration, you do not need to reconfigure Outlook to connect to the migrated mailbox. Outlook will automatically detect the new mailbox location. This reduces administrative effort.
Incorrect Answers:
A: 'Network upload' is not a defined migration strategy.
B: With a cutover migration, all mailboxes are migrated in one go. This is not suitable for a low bandwidth Internet connection. You would also need to manually reconfigure Outlook for each user which does not meet the requirement of minimizing administrative effort.
D: With a staged migration, mailboxes are migrated in batches. However, Microsoft recommends using a staged migration when you have more than 2000 mailboxes. You would also need to manually reconfigure Outlook for each user which does not meet the requirement of minimizing administrative effort.
Reference:
https://docs.microsoft.com/en-us/exchange/mailbox-migration/mailbox-migration

 

NEW QUESTION 124
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
You may now click next to proceed to the lab.
Lab information
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
[email protected]
Microsoft 365 Password:oL9z0=?Nq@ox
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only:
Lab Instance:11098651

You need to prevent users in your organization from receiving an email notification when they save a document that contains credit card numbers.
To answer the question, sign in to the Microsoft 365 portal.

Answer:

Explanation:
See explanation below.
Explanation
You need to edit the Data Loss Prevention Policy to disable the email notifications.
1. Go to https://protection.office.com or navigate to the Security & Compliance admin center.
2. In the left navigation pane, expand Data Loss Protection and select Policy.
3. Select the Data Loss Prevention policy and click the Edit Policy button.
4. Click Policy Settings in the left navigation pane of the policy.
5. Select the policy rule and click the Edit Rule button.
6. Scroll down to the 'User notifications' section.
7. Toggle the slider labelled "Use Notifications to inform users...." to Off.
8. Click Save to save the changes to the policy rule.
9. Click Save to save the changes to the policy.

 

NEW QUESTION 125
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You need to assign User2 the required roles to meet the security requirements.
Solution: From the Office 365 admin center, you assign User2 the Records Management role. From the Exchange admin center, you assign User2 the Help Desk role.
Does this meet the goal?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 126
Your company has a hybrid deployment of Azure Active Directory (Azure AD).
You purchase a Microsoft 365 subscription.
Your company has a hybrid deployment of Azure Active Directory (Azure AD).
You purchase a Microsoft 365 subscription.
You plan to migrate the Home folder of each user to Microsoft 365 during several weeks. Each user has a device that runs Windows 10.
You need to recommend a solution to migrate the Home folder of five administrative users as quickly as possible.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Each user has a device that runs Windows 10.
You need to recommend a solution to migrate the Home folder of five administrative users as quickly as possible.
Which three actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

Explanation:

Explanation

You need to configure a Group Policy Object (GPO) with the OneDrive settings required to redirect the Home folder of each user to Microsoft 365.
Before you can configure the Group Policy, you need to download the OneDrive Administrative Templates.
These templates add the required OneDrive settings to Group Policy so you can configure the settings as required.
After the OneDrive settings have been configured in Group Policy, you can run the gpupdate /force command on the five computers to apply the new Group Policy settings immediately.
Reference:
https://practical365.com/clients/onedrive/migrate-home-drives-to-onedrive-for-business/

 

NEW QUESTION 127
......

Updated Jan-2022 Pass MS-100 Exam - Real Practice Test Questions: https://www.realvce.com/MS-100_free-dumps.html

Pass Your Exam With 100% Verified MS-100 Exam Questions: https://drive.google.com/open?id=1YBlTKkFKqMw_WMQo_-QDVhYi2tgRofaV

Related Articles

more
Microsoft MS-100 Certification Practice Exam

Our premium VCE file helps you pass exam 100% for sure. We serve every customer heart and soul. We guarantee No Helpful Full Refund.

Latest Real Exam VCE

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 RealVCE NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy